Пример #1
0
    def test_sample_readme_cwt_with_pop_cose_key(self):
        with open(key_path("private_key_ed25519.pem")) as key_file:
            private_key = COSEKey.from_pem(key_file.read(), kid="issuer-01")
        with open(key_path("public_key_es256.pem")) as key_file:
            pop_key = COSEKey.from_pem(key_file.read())
        token = cwt.encode(
            {
                1: "coaps://as.example",  # iss
                2: "dajiaji",  # sub
                7: b"123",  # cti
                8: {  # cnf
                    1: pop_key.to_dict(),
                },
            },
            private_key,
        )

        with open(key_path("public_key_ed25519.pem")) as key_file:
            public_key = COSEKey.from_pem(key_file.read(), kid="issuer-01")
        decoded = cwt.decode(token, public_key)
        assert 8 in decoded and isinstance(decoded[8], dict)
        assert 1 in decoded[8] and isinstance(decoded[8][1], dict)
        extracted = COSEKey.new(decoded[8][1])
        assert extracted.kty == 2  # EC2
        assert extracted.crv == 1  # P-256
Пример #2
0
 def test_sample_rfc8392_a4(self):
     key = COSEKey.new(
         {
             -1: bytes.fromhex("403697de87af64611c1d32a05dab0fe1fcb715a86ab435f1ec99192d79569388"),
             1: 4,  # Symmetric
             2: bytes.fromhex("53796d6d6574726963323536"),
             3: 4,  # HMAC256/64
         }
     )
     token = cwt.encode(
         {
             1: "coap://as.example.com",
             2: "erikw",
             3: "coap://light.example.com",
             4: 1444064944,
             5: 1443944944,
             6: 1443944944,
             7: bytes.fromhex("0b71"),
         },
         key,
         tagged=True,
     )
     assert token == bytes.fromhex(SAMPLE_CWT_RFC8392_A4)
     decoded = cwt.decode(token, keys=key, no_verify=True)
     assert 1 in decoded and decoded[1] == "coap://as.example.com"
Пример #3
0
    def test_sample_readme_cwt_with_pop_jwk(self):

        # issuer:
        with open(key_path("private_key_ed25519.pem")) as key_file:
            private_key = COSEKey.from_pem(key_file.read(), kid="issuer-01")
        token = cwt.encode(
            {
                "iss": "coaps://as.example",
                "sub": "dajiaji",
                "cti": "123",
                "cnf": {
                    "jwk": {
                        "kty": "OKP",
                        "use": "sig",
                        "crv": "Ed25519",
                        "kid": "01",
                        "x": "2E6dX83gqD_D0eAmqnaHe1TC1xuld6iAKXfw2OVATr0",
                        "alg": "EdDSA",
                    },
                },
            },
            private_key,
        )

        # presenter:
        msg = b"could-you-sign-this-message?"  # Provided by recipient.
        pop_key_private = COSEKey.from_jwk(
            {
                "kty": "OKP",
                "d": "L8JS08VsFZoZxGa9JvzYmCWOwg7zaKcei3KZmYsj7dc",
                "use": "sig",
                "crv": "Ed25519",
                "kid": "01",
                "x": "2E6dX83gqD_D0eAmqnaHe1TC1xuld6iAKXfw2OVATr0",
                "alg": "EdDSA",
            }
        )
        sig = pop_key_private.sign(msg)

        # recipient:
        with open(key_path("public_key_ed25519.pem")) as key_file:
            public_key = COSEKey.from_pem(key_file.read(), kid="issuer-01")
        decoded = cwt.decode(token, public_key)
        assert 8 in decoded and isinstance(decoded[8], dict)
        assert 1 in decoded[8] and isinstance(decoded[8][1], dict)
        c = Claims.new(decoded)
        extracted = COSEKey.new(c.cnf)
        try:
            extracted.verify(msg, sig)
        except Exception:
            pytest.fail("verify should not fail.")
Пример #4
0
 def test_key_builder_new_with_invalid_args(self, invalid, msg):
     with pytest.raises(ValueError) as err:
         COSEKey.new(invalid)
         pytest.fail("new should fail.")
     assert msg in str(err.value)
Пример #5
0
 def test_key_builder_new_with_valid_args(self, cose_key):
     try:
         COSEKey.new(cose_key)
     except Exception:
         pytest.fail("new should not fail.")